root and in-addr.arpa zone transfers

omight omight at gmail.com
Thu Sep 10 07:40:23 UTC 2009 

Apparently FreeBSD only slaves F.ROOT-SERVERS.NET in it's default
configuration for bind:
http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/namedb/named.conf
http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/namedb/named.conf?rev=1.21.2.9;content-type=text%2Fplain

<SNIP>
/*	Slaving the following zones from the root name servers has some
	significant advantages:
	1. Faster local resolution for your users
	2. No spurious traffic will be sent from your network to the roots
	3. Greater resilience to any potential root server failure/DDoS

	On the other hand, this method requires more monitoring than the
	hints file to be sure that an unexpected failure mode has not
	incapacitated your server.  Name servers that are serving a lot
	of clients will benefit more from this approach than individual
	hosts.  Use with caution.

	To use this mechanism, uncomment the entries below, and comment
	the hint zone above.
*/
/*
zone "." {
	type slave;
	file "slave/root.slave";
	masters {
		192.5.5.241;	// F.ROOT-SERVERS.NET.
	};
	notify no;
};
zone "arpa" {
	type slave;
	file "slave/arpa.slave";
	masters {
		192.5.5.241;	// F.ROOT-SERVERS.NET.
	};
	notify no;
};
<SNIP>

2009/9/9 Matus UHLAR - fantomas <uhlar at fantomas.sk>:
> On 09.09.09 11:00, Rick Dicaire wrote:
>> On Wed, Sep 9, 2009 at 10:51 AM, Rich Goodson <rgoodson at gronkulator.com> wrote:
>> > zone "." {
>> >        type slave;
>> >        file "slave/root.slave";
>> >        masters {
>> >                192.33.4.12;    // C.ROOT-SERVERS.NET.
>> >                192.112.36.4;   // G.ROOT-SERVERS.NET.
>> >                193.0.14.129;   // K.ROOT-SERVERS.NET.
>> >        };
>> >        notify no;
>> > };
>>
>> Interesting....can any of the root servers be used, or must it be just
>> these three?
>
> you can try dig axfr from all of them but many of them don't allow
> transfers. I guess he already did it and above is list of servers that do
> allow transfers...
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Due to unexpected conditions Windows 2000 will be released
> in first quarter of year 1901
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>

More information about the bind-users mailing list